"Fossies" - the Fresh Open Source Software Archive  

Source code changes of the file "etc/arno-iptables-firewall/plugins/parasitic-net.conf" between
aif-2.1.0.tar.gz and aif-2.1.1.tar.gz

About: Arno’s iptables firewall is a stateful firewall script for both single and multi-homed machines with DSL/ADSL support.

parasitic-net.conf  (aif-2.1.0):parasitic-net.conf  (aif-2.1.1)
skipping to change at line 49 skipping to change at line 49
# Specify here the time(s) in minutes between executes of the helper script # Specify here the time(s) in minutes between executes of the helper script
# (leave default if you don't know what it is). # (leave default if you don't know what it is).
# ------------------------------------------------------------------------------ # ------------------------------------------------------------------------------
PARASITIC_NET_TIME="15" PARASITIC_NET_TIME="15"
################################################################################ ################################################################################
# Use PARASITIC_NET_HOST_OPEN_xxx and PARASITIC_NET_HOST_DENY to restrict # # Use PARASITIC_NET_HOST_OPEN_xxx and PARASITIC_NET_HOST_DENY to restrict #
# forwarded parasitic network traffic. # # forwarded parasitic network traffic. #
# # # #
# By default all parasitic network packets are forwarded and NAT'ed upstream, # # By default all parasitic network packets are forwarded and NAT-ed upstream, #
# unless one of the PARASATIC_NET_HOST_OPEN_xxx variables is specified. In # # unless one of the PARASATIC_NET_HOST_OPEN_xxx variables is specified. In #
# that case the default policy for that protocol (TCP, UDP, ICMP, IP) will # # that case the default policy for that protocol (TCP, UDP, ICMP, IP) will #
# become deny, except for IP which always defaults to deny. # # become deny, except for IP which always defaults to deny. #
################################################################################ ################################################################################
# Put in the following variables which hosts you want to allow(open) for certain #-------------------------------------------------------------------------------
# services # PARASITIC_NET_HOST_xxxx_yyy & PARASITIC_NET_HOST_xxxx_yyy format:
# TCP/UDP port format (PARASITIC_NET_HOST_OPEN_TCP & PARASITIC_NET_HOST_OPEN_UDP #
): # TCP/UDP port form:
# "host1,host2~port1,port2 host3,host4~port3,port4 ..." # "SRCIP1,SRCIP2,...>DESTIP1~port \
# SRCIP3,...>DESTIP2~port"
#
# IP form:
# "SRCIP1,SRCIP2,...>DESTIP1~protocol \
# SRCIP3,...>DESTIP2~protocol"
#
# ICMP form:
# "SRCIP1,SRCIP2,...>DESTIP1 \
# SRCIP3,...>DESTIP2"
#
# TCP/UDP examples:
# -----------------
# Simple:
# (Allow port 80 to INET host 1.2.3.4 for all parasitic hosts(0/0)):
# PARASITIC_NET_HOST_OPEN_xxx="1.2.3.4~80"
# Advanced:
# (Allow port 20 & 21 to INET host 1.2.3.4 for all parasitic hosts(0/0) an
d
# allow port 80 to INET host 1.2.3.4 for parasitic host 192.168.0.10 (onl
y)):
# PARASITIC_NET_HOST_OPEN_xxx="1.2.3.4~20,21 192.168.0.10>0/0~80"
# #
# ICMP protocol format (PARASITIC_NET_HOST_OPEN_ICMP): # IP protocol example:
# "host1 host2 ...." # (Allow protocols 47 & 48 to INET host 1.2.3.4 for all parasitic hosts(0/
0))
# PARASITIC_NET_HOST_OPEN_IP="1.2.3.4~47,48"
# #
# IP protocol format (PARASITIC_NET_HOST_OPEN_IP): # NOTE: If no SRCIPx is specified, any source host is used
# "host1,host2~proto1,proto2 host3,host4~proto4,proto4 ..." #-------------------------------------------------------------------------------
# Put in the following variables which hosts you want to allow(open) for certain
# services
# ------------------------------------------------------------------------------ # ------------------------------------------------------------------------------
PARASITIC_NET_HOST_OPEN_TCP="" PARASITIC_NET_HOST_OPEN_TCP=""
PARASITIC_NET_HOST_OPEN_UDP="" PARASITIC_NET_HOST_OPEN_UDP=""
PARASITIC_NET_HOST_OPEN_ICMP="" PARASITIC_NET_HOST_OPEN_ICMP=""
PARASITIC_NET_HOST_OPEN_IP="" PARASITIC_NET_HOST_OPEN_IP=""
# Put in the following variables which hosts you want to deny for certain # Put in the following variables which hosts you want to deny for certain
# services # services
# TCP/UDP port format (PARASITIC_NET_HOST_DENY_TCP & PARASITIC_NET_HOST_DENY_UDP
):
# "host1,host2~port1,port2 host3,host4~port3,port4 ..."
#
# ICMP protocol format (PARASITIC_NET_HOST_DENY_ICMP):
# "host1 host2 ...."
#
# IP protocol format (PARASITIC_NET_HOST_DENY_IP):
# "host1,host2~proto1,proto2 host3,host4~proto4,proto4 ..."
# ------------------------------------------------------------------------------ # ------------------------------------------------------------------------------
PARASITIC_NET_HOST_DENY_TCP="" PARASITIC_NET_HOST_DENY_TCP=""
PARASITIC_NET_HOST_DENY_UDP="" PARASITIC_NET_HOST_DENY_UDP=""
PARASITIC_NET_HOST_DENY_ICMP="" PARASITIC_NET_HOST_DENY_ICMP=""
PARASITIC_NET_HOST_DENY_IP="" PARASITIC_NET_HOST_DENY_IP=""
# Enable (1) or disable(0) logging of denied packets # Enable (1) or disable(0) logging of denied packets
# ------------------------------------------------------------------------------ # ------------------------------------------------------------------------------
PARASITIC_NET_DENY_LOG=1 PARASITIC_NET_DENY_LOG=1
 End of changes. 5 change blocks. 
19 lines changed or deleted 36 lines changed or added

Home  |  About  |  Features  |  All  |  Newest  |  Dox  |  Diffs  |  RSS Feeds  |  Screenshots  |  Comments  |  Imprint  |  Privacy  |  HTTP(S)